Developers guide to Web Application Security
75% of attacks targeted against specific systems are aimed
at the web application itself, not the operating system or
network. While current security technologies and practices
are aimed at the operating system and network, the
custom-developed software that runs the web application is
the most exposed portion of any website, and often the most
vulnerable.
This book defines Web application security, why it should be
addressed earlier in the lifecycle in development and
quality assurance, and how it differs from other types of
Internet security. Additionally, the book examines the
procedures and technologies that are essential to
developing, penetration testing and releasing a secure Web
application. Through a review of recent Web application
breaches, the book will expose the prolific methods hackers
use to execute Web attacks using common vulnerabilities such
as SQL Injection, Cross-Site Scripting and Buffer Overflows
in the application layer. By taking an in-depth look at the
techniques hackers use to exploit Web applications, readers
will be better equipped to protect confidential.